NATO and the EU formally condemned Russia-linked APT28 cyber espionage: NATO and the European Union formally condemned cyber espionage operations carried out by the Russia-linked APT28 against European countries. NATO and the European Union condemned… securityaffairs.com/162759/apt/nat…

Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION: A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new… securityaffairs.com/162752/securit…

Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks: Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs… helpnetsecurity.com/2024/05/05/wee…

Pay up, or else? – Week in security with Tony Anscombe: Organizations that fall victim to a ransomware attack are often caught between a rock and a hard place, grappling with the dilemma of whether to pay up or not welivesecurity.com/en/videos/rans…

Blackbasta gang claimed responsibility for Synlab Italia attack: The Blackbasta extortion group claimed responsibility for the attack that in April severely impacted the operations of Synlab Italia. Since April 18, Synlab Italia, a major provider of… securityaffairs.com/162741/securit…

French Cyberwarriors Ready to Test Their Defense Against Hackers and Malware During the Olympics: Vincent Strubel, who heads France’s national cybersecurity agency, called the cyberthreats level facing the Olympic Games unprecedented.

The post French… securityweek.com/french-cyberwa…

German Foreign Minister Says Russia will Face Consequences for Monthslong Cyber Espionage: Germany accused Russian military agents of hacking the top echelons of Chancellor Olaf Scholz’s party and other government and industrial targets.

The post… securityweek.com/german-foreign…

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities: Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28,… thehackernews.com/2024/05/micros…

Ex-Cybersecurity Consultant Jailed For Trading Confidential Data: Vincent Cannady, a professional who used to work as a consultant in the cybersecurity field, has been taken into custody for allegedly trying to extort a sum of money that could go up to… gbhackers.com/cybersecurity-…

LockBit published data stolen from Simone Veil hospital in Cannes: LockBit ransomware operators have published sensitive data allegedly stolen from the Simone Veil hospital in Cannes. In April, a cyber attack hit the Hospital Simone Veil in Cannes… securityaffairs.com/162721/cyber-c…

Friday Squid Blogging: Squid Purses: Squid-shaped purses for sale.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here. schneier.com/blog/archives/…

Far-right websites hacked and defaced : The hack included links to download subscriber data and a message claiming that Post Millennial’s editor was transitioning to a woman. 

The post Far-right websites hacked and defaced  appeared first on CyberScoop. cyberscoop.com/far-right-webs…

Russia-linked APT28 and crooks are still using the Moobot botnet: The Ubiquiti EdgeRouter botnet is still used by Russia-linked group APT28 and cybercriminals organizations. Trend Micro researchers reported that the EdgeRouter botnet, called Moobot, used… securityaffairs.com/162706/apt/moo…

My TED Talks: I have spoken at several TED conferences over the years.

* TEDxPSU 2010: “Reconceptualizing Security”
* TEDxCambridge 2013: “The Battle for Power on the Internet”
* TEDMed 2016: “Who Controls Your Medical Data?”

I’m putting… schneier.com/blog/archives/…

Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report: Microsoft security chief Charlie Bell pledges significant reforms and a strategic shift to prioritize security above all other product features.

The post Microsoft Overhauls… securityweek.com/microsoft-over…

LayerX Raises $26 Million for Browser Security Platform: Israeli startup LayerX Security banks $25 million in new financing as investors continue to pour money into secure web browsing technologies.

The post LayerX Raises $26 Million for Browser… securityweek.com/layerx-raises-…

US Says North Korean Hackers Exploiting Weak DMARC Settings : The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.

The post US Says North Korean Hackers Exploiting Weak DMARC Settings … securityweek.com/us-says-north-…

Microsoft organizational changes seek to address security failures: The company says securing its products is its top priority after a series of damaging, embarrassing breaches. 

The post Microsoft organizational changes seek to address security… cyberscoop.com/microsoft-secu…

Ubuntu Security Notice USN-6757-2: Ubuntu Security Notice 6757-2 - USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. It was… packetstormsecurity.com/files/178438/U…

Ubuntu Security Notice USN-6762-1: Ubuntu Security Notice 6762-1 - It was discovered that GNU C Library incorrectly handled netgroup requests. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected… packetstormsecurity.com/files/178437/U…